Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.mft
File:                     oHEAJhaNhq-46ZnPsqjonFct0vk.mft (raw, json)
Hash identifier:          CDxALfw7uzjSK6ii9UMqiXn4YHEy5gJglgQUFX42EI4=
Subject key identifier:   87:88:84:D0:3A:C7:82:43:D8:1B:EF:D3:57:48:B1:87:86:EA:72:58
Authority key identifier: A0:71:00:26:16:8D:86:AF:B8:E9:99:CF:B2:A8:E8:9C:57:2D:D2:F9
Certificate issuer:       /CN=a0710026168d86afb8e999cfb2a8e89c572dd2f9
Certificate serial:       019769CEB94CF12B43B31B90A632F0A87766
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oHEAJhaNhq-46ZnPsqjonFct0vk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.mft
Manifest number:          12D8
Signing time:             Fri 13 Jun 2025 15:00:44 +0000
Manifest this update:     Fri 13 Jun 2025 15:00:44 +0000
Manifest next update:     Sat 14 Jun 2025 15:00:44 +0000
Files and hashes:         1: oHEAJhaNhq-46ZnPsqjonFct0vk.crl (hash: 2oruPt908Wb6vOuuGyQnuNV9I+6YcRNIO4Y3HvWyvrM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oHEAJhaNhq-46ZnPsqjonFct0vk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:ce:b9:4c:f1:2b:43:b3:1b:90:a6:32:f0:a8:77:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0710026168d86afb8e999cfb2a8e89c572dd2f9
        Validity
            Not Before: Jun 13 15:00:44 2025 GMT
            Not After : Jun 14 15:00:44 2025 GMT
        Subject: CN=878884d03ac78243d81befd35748b18786ea7258
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:76:6f:36:b3:50:ac:9f:43:c9:7f:f1:88:0a:
                    9a:cf:cc:01:f0:07:fd:01:b8:ea:82:fb:28:00:bb:
                    d7:5d:23:62:f7:8b:57:4f:75:3c:93:dd:6c:c4:8b:
                    f7:d0:35:8a:33:13:3b:85:c0:5b:dd:91:46:59:28:
                    ab:67:a0:53:d4:8b:80:84:a3:9e:91:b5:d9:a4:01:
                    a9:51:d2:24:97:aa:de:94:f0:74:7e:93:71:ef:6c:
                    38:68:66:87:1d:56:40:d6:1c:21:df:2d:42:e1:3a:
                    66:bd:4e:bd:a6:bf:49:e2:46:45:70:72:49:be:fb:
                    78:2c:da:f1:5f:84:95:82:fa:51:13:69:13:0a:c5:
                    27:2e:9f:67:3f:f6:24:27:ca:89:0e:a1:67:ad:5c:
                    8d:1a:20:d3:44:9e:81:4b:67:d0:fb:bd:0b:87:9e:
                    60:e7:d8:b3:2f:a2:96:ce:36:8d:87:52:d0:b3:ab:
                    d6:27:4c:0b:0c:8b:f1:7c:02:ef:09:c3:01:f8:10:
                    07:a0:95:de:14:c5:6e:76:b7:b9:9b:d4:b6:d7:32:
                    a8:56:40:5a:1d:60:2d:20:8f:5a:b1:93:8f:cf:f2:
                    95:f2:a9:33:75:0a:08:f8:3b:75:6f:65:2c:37:22:
                    4e:b1:22:57:46:56:a2:4e:c5:64:7a:47:8a:fd:80:
                    d4:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:88:84:D0:3A:C7:82:43:D8:1B:EF:D3:57:48:B1:87:86:EA:72:58
            X509v3 Authority Key Identifier:
                keyid:A0:71:00:26:16:8D:86:AF:B8:E9:99:CF:B2:A8:E8:9C:57:2D:D2:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oHEAJhaNhq-46ZnPsqjonFct0vk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:8e:5f:0c:e5:dc:dc:ed:58:41:36:8d:5f:9c:0c:ad:6b:48:
         77:d8:c2:c5:e8:59:e1:98:06:38:33:0d:11:66:93:87:ed:b9:
         5f:07:77:16:e0:dd:28:a8:e2:3a:0d:96:83:ae:70:68:8f:e0:
         18:1e:7e:e0:10:fe:12:d3:90:a7:d6:79:d5:09:f3:4a:1c:88:
         2b:d4:59:9e:d7:d0:ba:9a:2a:25:c0:95:cc:34:e6:71:56:47:
         4c:06:10:4a:fc:85:b7:47:45:25:70:cc:99:9a:b8:60:1f:8f:
         24:45:fb:58:49:94:c1:99:a5:5d:80:52:d9:3e:38:31:12:32:
         82:9d:78:c1:d7:85:35:59:fa:d9:f8:f8:d1:aa:67:e4:ab:fb:
         f3:41:26:5b:74:a8:d4:bf:45:b3:1f:5a:be:1b:bb:70:ab:07:
         43:44:b0:49:ed:87:06:5b:cc:1f:9d:72:fd:15:05:00:9f:df:
         8b:71:95:66:08:0d:6f:6f:4d:74:70:5f:80:af:6a:c5:38:13:
         f9:71:f5:36:7e:70:93:6b:f9:b9:e6:fd:b0:9f:0b:bc:2c:78:
         76:b7:b2:6e:6c:56:aa:d8:4a:81:a6:c1:42:8a:11:6c:4b:08:
         74:37:2a:e9:ca:da:c1:46:8f:83:2f:78:87:f9:e7:37:15:98:
         62:5c:d2:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpzrlM8StDsxuQpjLwqHdmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNzEwMDI2MTY4ZDg2YWZiOGU5OTljZmIyYThlODljNTcy
ZGQyZjkwHhcNMjUwNjEzMTUwMDQ0WhcNMjUwNjE0MTUwMDQ0WjAzMTEwLwYDVQQD
Eyg4Nzg4ODRkMDNhYzc4MjQzZDgxYmVmZDM1NzQ4YjE4Nzg2ZWE3MjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAunZvNrNQrJ9DyX/xiAqaz8wB8Af9
AbjqgvsoALvXXSNi94tXT3U8k91sxIv30DWKMxM7hcBb3ZFGWSirZ6BT1IuAhKOe
kbXZpAGpUdIkl6relPB0fpNx72w4aGaHHVZA1hwh3y1C4TpmvU69pr9J4kZFcHJJ
vvt4LNrxX4SVgvpRE2kTCsUnLp9nP/YkJ8qJDqFnrVyNGiDTRJ6BS2fQ+70Lh55g
59izL6KWzjaNh1LQs6vWJ0wLDIvxfALvCcMB+BAHoJXeFMVudre5m9S21zKoVkBa
HWAtII9asZOPz/KV8qkzdQoI+Dt1b2UsNyJOsSJXRlaiTsVkekeK/YDUcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIeIhNA6x4JD2Bvv01dIsYeG6nJYMB8GA1UdIwQY
MBaAFKBxACYWjYavuOmZz7Ko6JxXLdL5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0hFQUpoYU5ocS00NlpuUHNxam9uRmN0MHZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi81NzcyMTItMDhiMC00M2VkLTg5YzYt
YTlhNmJmNjVlNjNhLzEvb0hFQUpoYU5ocS00NlpuUHNxam9uRmN0MHZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi81NzcyMTItMDhiMC00M2VkLTg5YzYtYTlhNmJmNjVlNjNh
LzEvb0hFQUpoYU5ocS00NlpuUHNxam9uRmN0MHZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVI5fDOXc
3O1YQTaNX5wMrWtId9jCxehZ4ZgGODMNEWaTh+25Xwd3FuDdKKjiOg2Wg65waI/g
GB5+4BD+EtOQp9Z51QnzShyIK9RZntfQupoqJcCVzDTmcVZHTAYQSvyFt0dFJXDM
mZq4YB+PJEX7WEmUwZmlXYBS2T44MRIygp14wdeFNVn62fj40apn5Kv780EmW3So
1L9Fsx9avhu7cKsHQ0SwSe2HBlvMH51y/RUFAJ/fi3GVZggNb29NdHBfgK9qxTgT
+XH1Nn5wk2v5ueb9sJ8LvCx4dreybmxWqthKgabBQooRbEsIdDcq6crawUaPgy94
h/nnNxWYYlzSFA==
-----END CERTIFICATE-----